<?php
class ModelNewsAuthor extends Model {
	public function addAuthor($data) {
      	$this->db->query("INSERT INTO " . DB_PREFIX . "news_author SET 
		firstname = '" . $this->db->escape($data['firstname']) . "', 
		lastname = '" . $this->db->escape($data['lastname']) . "', 
		author_description = '" . $this->db->escape($data['author_description']) . "', 
		email = '" . $this->db->escape($data['email']) . "', 
		telephone = '" . $this->db->escape($data['telephone']) . "', 
		website = '" . $this->db->escape($data['website']) . "', 
		address = '" . $this->db->escape($data['address']) . "',
		city = '" . $this->db->escape($data['city']) . "',
		country_id = '" . (int)$data['country_id'] . "', 
		zone_id = '" . (int)$data['zone_id'] . "', 
		salt = '" . $this->db->escape($salt = substr(md5(uniqid(rand(), true)), 0, 9)) . "', 
		password = '" . $this->db->escape(sha1($salt . sha1($salt . sha1($data['password'])))) . "',
		status = '" . (int)$data['status'] . "', date_added = NOW()");      	
      	
		$author_id = $this->db->getLastId();

		if (isset($data['image'])) {
			$this->db->query("UPDATE " . DB_PREFIX . "news_author SET image = '" . $this->db->escape(html_entity_decode($data['image'], ENT_QUOTES, 'UTF-8')) . "' WHERE author_id = '" . (int)$author_id . "'");
		}
		
				
		if ($data['keyword']) {
			$this->db->query("INSERT INTO " . DB_PREFIX . "url_alias SET query = 'author_id=" . (int)$author_id . "', keyword = '" . $this->db->escape($data['keyword']) . "'");
		}
	}
	
	public function editAuthor($author_id, $data) {
		$this->db->query("UPDATE " . DB_PREFIX . "news_author SET 
		firstname = '" . $this->db->escape($data['firstname']) . "', 
		lastname = '" . $this->db->escape($data['lastname']) . "', 
		author_description = '" . $this->db->escape($data['author_description']) . "', 
		email = '" . $this->db->escape($data['email']) . "', 
		telephone = '" . $this->db->escape($data['telephone']) . "', 
		website = '" . $this->db->escape($data['website']) . "', 
		address = '" . $this->db->escape($data['address']) . "',
		city = '" . $this->db->escape($data['city']) . "',
		country_id = '" . (int)$data['country_id'] . "', 
		zone_id = '" . (int)$data['zone_id'] . "', 
		status = '" . (int)$data['status'] . "' WHERE author_id = '" . (int)$author_id . "'");
	
      	if ($data['password']) {
        	$this->db->query("UPDATE " . DB_PREFIX . "news_author SET 
			salt = '" . $this->db->escape($salt = substr(md5(uniqid(rand(), true)), 0, 9)) . "', 
			password = '" . $this->db->escape(sha1($salt . sha1($salt . sha1($data['password'])))) . "' 
			WHERE author_id = '" . (int)$author_id . "'");
      	}

		if (isset($data['image'])) {
			$this->db->query("UPDATE " . DB_PREFIX . "news_author SET image = '" . $this->db->escape(html_entity_decode($data['image'], ENT_QUOTES, 'UTF-8')) . "' WHERE author_id = '" . (int)$author_id . "'");
		}
		
			
		$this->db->query("DELETE FROM " . DB_PREFIX . "url_alias WHERE query = 'author_id=" . (int)$author_id. "'");
		
		if ($data['keyword']) {
			$this->db->query("INSERT INTO " . DB_PREFIX . "url_alias SET query = 'author_id=" . (int)$author_id . "', keyword = '" . $this->db->escape($data['keyword']) . "'");
		}
      	
	}

	public function editToken($author_id, $token) {
		$this->db->query("UPDATE " . DB_PREFIX . "news_author SET token = '" . $this->db->escape($token) . "' WHERE author_id = '" . (int)$author_id . "'");
	}
	
	public function deleteAuthor($author_id) {
		$this->db->query("DELETE FROM " . DB_PREFIX . "news_author WHERE author_id = '" . (int)$author_id . "'");
		$this->db->query("DELETE FROM " . DB_PREFIX . "news_author_ip WHERE author_id = '" . (int)$author_id . "'");
		$this->db->query("DELETE FROM " . DB_PREFIX . "url_alias WHERE query = 'author_id=" . (int)$author_id . "'");
	}
	
	public function getAuthor($author_id) {
		$query = $this->db->query("SELECT DISTINCT *, (SELECT keyword FROM " . DB_PREFIX . "url_alias WHERE query = 'author_id=" . (int)$author_id . "') AS keyword FROM " . DB_PREFIX . "news_author WHERE author_id = '" . (int)$author_id . "'");
		
		return $query->row;
	}
	
	public function getAuthorByEmail($email) {
		$query = $this->db->query("SELECT DISTINCT * FROM " . DB_PREFIX . "news_author WHERE LCASE(email) = '" . $this->db->escape(strtolower($email)) . "'");	
		return $query->row;
	}
			
	public function getAuthors($data = array()) {
		$sql = "SELECT *, CONCAT(c.firstname, ' ', c.lastname) AS name FROM " . DB_PREFIX . "news_author c WHERE 1=1 ";

		$implode = array();
		
		if (!empty($data['filter_name'])) {
			$implode[] = "LCASE(CONCAT(c.firstname, ' ', c.lastname)) LIKE '%" . $this->db->escape(utf8_strtolower($data['filter_name'])) . "%'";
		}
		
		if (!empty($data['filter_email'])) {
			$implode[] = "LCASE(c.email) LIKE '" . $this->db->escape(utf8_strtolower($data['filter_email'])) . "%'";
		}

		if (isset($data['filter_newsletter']) && !is_null($data['filter_newsletter'])) {
			$implode[] = "c.newsletter = '" . (int)$data['filter_newsletter'] . "'";
		}	
			
		if (!empty($data['filter_ip'])) {
			$implode[] = "c.author_id IN (SELECT author_id FROM " . DB_PREFIX . "news_author_ip WHERE ip = '" . $this->db->escape($data['filter_ip']) . "')";
		}	
				
		if (isset($data['filter_status']) && !is_null($data['filter_status'])) {
			$implode[] = "c.status = '" . (int)$data['filter_status'] . "'";
		}	
		
		if (isset($data['filter_approved']) && !is_null($data['filter_approved'])) {
			$implode[] = "c.approved = '" . (int)$data['filter_approved'] . "'";
		}	
				
		if (!empty($data['filter_date_added'])) {
			$implode[] = "DATE(c.date_added) = DATE('" . $this->db->escape($data['filter_date_added']) . "')";
		}
		
		if ($implode) {
			$sql .= " AND " . implode(" AND ", $implode);
		}
		
		$sort_data = array(
			'c.username',
			'name',
			'c.email',
			'c.status',
			'c.approved',
			'c.ip',
			'c.date_added'
		);	
			
		if (isset($data['sort']) && in_array($data['sort'], $sort_data)) {
			$sql .= " ORDER BY " . $data['sort'];	
		} else {
			$sql .= " ORDER BY name";	
		}
			
		if (isset($data['order']) && ($data['order'] == 'DESC')) {
			$sql .= " DESC";
		} else {
			$sql .= " ASC";
		}
		
		if (isset($data['start']) || isset($data['limit'])) {
			if ($data['start'] < 0) {
				$data['start'] = 0;
			}			

			if ($data['limit'] < 1) {
				$data['limit'] = 20;
			}	
			
			$sql .= " LIMIT " . (int)$data['start'] . "," . (int)$data['limit'];
		}		
		
		$query = $this->db->query($sql);
		
		return $query->rows;	
	}
	
	public function approve($author_id) {
		$author_info = $this->getAuthor($author_id);

		if ($author_info) {
			$this->db->query("UPDATE " . DB_PREFIX . "news_author SET approved = '1' WHERE author_id = '" . (int)$author_id . "'");

			$this->load->language('mail/author');
			
			$this->load->model('setting/store');
						
			$store_info = $this->model_setting_store->getStore($author_info['store_id']);
			
			if ($store_info) {
				$store_name = $store_info['name'];
				$store_url = $store_info['url'] . 'index.php?route=news/login';
			} else {
				$store_name = $this->config->get('config_name');
				$store_url = HTTP_CATALOG . 'index.php?route=news/login';
			}
	
			$message  = sprintf($this->language->get('text_approve_welcome'), $store_name) . "\n\n";
			$message .= $this->language->get('text_approve_login') . "\n";
			$message .= $store_url . "\n\n";
			$message .= $this->language->get('text_approve_services') . "\n\n";
			$message .= $this->language->get('text_approve_thanks') . "\n";
			$message .= $store_name;
	
			$mail = new Mail();
			$mail->protocol = $this->config->get('config_mail_protocol');
			$mail->parameter = $this->config->get('config_mail_parameter');
			$mail->hostname = $this->config->get('config_smtp_host');
			$mail->username = $this->config->get('config_smtp_username');
			$mail->password = $this->config->get('config_smtp_password');
			$mail->port = $this->config->get('config_smtp_port');
			$mail->timeout = $this->config->get('config_smtp_timeout');							
			$mail->setTo($author_info['email']);
			$mail->setFrom($this->config->get('config_email'));
			$mail->setSender($store_name);
			$mail->setSubject(html_entity_decode(sprintf($this->language->get('text_approve_subject'), $store_name), ENT_QUOTES, 'UTF-8'));
			$mail->setText(html_entity_decode($message, ENT_QUOTES, 'UTF-8'));
			$mail->send();
		}		
	}
						
	public function getTotalAuthors($data = array()) {
      	$sql = "SELECT COUNT(*) AS total FROM " . DB_PREFIX . "news_author";
		
		$implode = array();
		
		if (!empty($data['filter_name'])) {
			$implode[] = "LCASE(CONCAT(firstname, ' ', lastname)) LIKE '%" . $this->db->escape(utf8_strtolower($data['filter_name'])) . "%'";
		}
		
		if (!empty($data['filter_email'])) {
			$implode[] = "LCASE(email) LIKE '" . $this->db->escape(utf8_strtolower($data['filter_email'])) . "%'";
		}
		
		if (isset($data['filter_newsletter']) && !is_null($data['filter_newsletter'])) {
			$implode[] = "newsletter = '" . (int)$data['filter_newsletter'] . "'";
		}
				
		if (!empty($data['filter_author_group_id'])) {
			$implode[] = "author_group_id = '" . (int)$data['filter_author_group_id'] . "'";
		}	
		
		if (!empty($data['filter_ip'])) {
			$implode[] = "author_id IN (SELECT author_id FROM " . DB_PREFIX . "news_author_ip WHERE ip = '" . $this->db->escape($data['filter_ip']) . "')";
		}	
						
		if (isset($data['filter_status']) && !is_null($data['filter_status'])) {
			$implode[] = "status = '" . (int)$data['filter_status'] . "'";
		}			
		
		if (isset($data['filter_approved']) && !is_null($data['filter_approved'])) {
			$implode[] = "approved = '" . (int)$data['filter_approved'] . "'";
		}		
				
		if (!empty($data['filter_date_added'])) {
			$implode[] = "DATE(date_added) = DATE('" . $this->db->escape($data['filter_date_added']) . "')";
		}
		
		if ($implode) {
			$sql .= " WHERE " . implode(" AND ", $implode);
		}
				
		$query = $this->db->query($sql);
				
		return $query->row['total'];
	}
		
	public function getTotalAuthorsAwaitingApproval() {
      	$query = $this->db->query("SELECT COUNT(*) AS total FROM " . DB_PREFIX . "news_author WHERE status = '0' OR approved = '0'");

		return $query->row['total'];
	}
			
	public function getIpsByAuthorId($author_id) {
		$query = $this->db->query("SELECT * FROM " . DB_PREFIX . "news_author_ip WHERE author_id = '" . (int)$author_id . "'");

		return $query->rows;
	}	
	
	public function getTotalAuthorsByIp($ip) {
		$query = $this->db->query("SELECT COUNT(*) AS total FROM " . DB_PREFIX . "news_author_ip WHERE ip = '" . $this->db->escape($ip) . "'");

		return $query->row['total'];
	}
	
	public function addBlacklist($ip) {
		$this->db->query("INSERT INTO `" . DB_PREFIX . "news_author_ip_blacklist` SET `ip` = '" . $this->db->escape($ip) . "'");
	}
		
	public function deleteBlacklist($ip) {
		$this->db->query("DELETE FROM `" . DB_PREFIX . "news_author_ip_blacklist` WHERE `ip` = '" . $this->db->escape($ip) . "'");
	}
			
	public function getTotalBlacklistsByIp($ip) {
      	$query = $this->db->query("SELECT COUNT(*) AS total FROM `" . DB_PREFIX . "news_author_ip_blacklist` WHERE `ip` = '" . $this->db->escape($ip) . "'");
				 
		return $query->row['total'];
	}	
}
?>